release: v2024.3.5

[rustatian]

Reason for This PR

• Stable release cycle.

Description of Changes

🚀 v2024.3.5 🚀

Changelog:

📦 Kafka driver:

• 🧑‍🏭: Do not require a certificate and key for TLS if a Root CA is provided, FR, (thanks @AtCliffUnderline)

License Acceptance

By submitting this pull request, I confirm that my contribution is made under the terms of the MIT license.

PR Checklist

[Author TODO: Meet these criteria.]
[Reviewer TODO: Verify that these criteria are met. Request changes if not]

• All commits in this PR are signed (git commit -s).
• The reason for this PR is clearly provided (issue no. or explanation).
• The description of changes is clear and encompassing.
• Any required documentation changes (code and docs) are included in this PR.
• Any user-facing changes are mentioned in CHANGELOG.md.
• All added/changed functionality is tested.

Summary by CodeRabbit

• Chores
  • Updated multiple underlying dependencies to their latest versions. These updates are designed to enhance overall performance, stability, and security. With this systematic refresh, the application foundation remains robust, ensuring improved reliability and a seamless user experience while maintaining compatibility with evolving standards.

[coderabbitai]

Walkthrough

This pull request updates the go.mod file by incrementing various dependency versions. Most updates concern the github.com/roadrunner-server modules, where many components are upgraded from v5.1.4 to v5.1.6 or similar variants. In addition, updates include version bumps for temporal-related packages, as well as for other external modules from golang.org, google.golang.org, and github.com/klauspost/cpuid/v2. These changes ensure that the project references the latest releases for compatibility and potential feature or fix improvements.

Changes

File(s)	Change Summary
go.mod (roadrunner-server/*)	Updated dependency versions: most modules upgraded from v5.1.4 → v5.1.6; exceptions include http (v5.2.3→v5.2.5), kafka (v5.2.0→v5.2.2), kv (v5.2.4→v5.2.6), memory (v5.2.4→v5.2.6), server (v5.2.5→v5.2.7), static (v5.1.3→v5.1.4) and tcplisten (v1.5.1→v1.5.2). The send package remains unchanged.
go.mod (external dependencies)	Updated versions for non-roadrunner modules: temporalio dependencies (roadrunner-temporal v5.5.1→v5.5.2, go.temporal.io/api v1.44.1→v1.45.0, sdk and server similarly), cpuid (v2.2.9→v2.2.10), golang.org/x packages (crypto: v0.34.0→v0.35.0, oauth2: v0.26.0→v0.27.0), and google.golang.org APIs/genproto updated to new commit references.

Possibly related PRs

• release: v2024.1.5 #1947: Involved similar dependency version updates in the go.mod file for several roadrunner-server modules.
• release: v2024.2.1 #2001: Addressed modifications in dependency versions for multiple roadrunner-server packages, reflecting a similar update pattern.
• release: v2024.3.3 #2123: Focused on updating key dependencies like amqp/v5 and app-logger/v5 in the go.mod file, closely related to the changes in this PR.

Suggested labels

C-enhancement

Suggested reviewers

• wolfy-j

Poem

I'm a little bunny, code hopping through the night,
Upgrading dependencies with a bound so light.
In go.mod, each version springs anew—
A leap of numbers in a rhythmic queue.
With whiskers twitching in a digital delight,
I celebrate these changes, hopping into the light!

Warning

There were issues while running some tools. Please review the errors and either fix the tool’s configuration or disable the tool if it’s a critical failure.

🔧 golangci-lint (1.62.2)

Error: can't load config: the Go language version (go1.23) used to build golangci-lint is lower than the targeted Go version (1.24.0)
Failed executing command with error: can't load config: the Go language version (go1.23) used to build golangci-lint is lower than the targeted Go version (1.24.0)

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ee920b8 and 7120a51.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (1)

• go.mod (4 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: Unit tests
• GitHub Check: Golang-CI (lint)
• GitHub Check: Analyze (go)

🔇 Additional comments (12)

go.mod (12)

13-13: Update Core Roadrunner Modules Versions
The versions for several core Roadrunner modules—amqp, app-logger, beanstalk, boltdb, centrifuge, and config—have been updated to v5.1.6. This update aligns with the stable release objectives. Please ensure that integration tests have confirmed compatibility with these new versions.

Also applies to: 15-19

---

22-23: Update Fileserver and Google Pub/Sub Modules
Both fileserver and google-pub-sub have been bumped to v5.1.6, which harmonizes with the other Roadrunner module updates. No API-breaking changes are expected here, but a rerun of the test suites is recommended.

---

25-45: Update Additional Roadrunner Dependencies (Including Kafka Driver)
This hunk updates a broad range of dependencies including grpc, gzip, headers, http, informer, jobs, and notably the kafka driver to v5.2.2.

Important: The Kafka driver update is especially critical since it introduces support for omitting the certificate and key for TLS connections when a Root CA is provided. Please verify that this new TLS behavior is working as intended across all relevant integration tests and that backward compatibility is maintained.

The remaining module updates—kv, lock, logger, memcached, memory, metrics, nats, otel, pool, prometheus, proxy_ip_parser, redis, resetter, and rpc—also align with the stable release cycle.

---

47-52: Update Server and Related Modules
The updates on server, service, sqs, static, status, and tcp ensure that core server components are consistent with the overall version bumping strategy. These changes support the stability and performance improvements targeted in this release.

---

56-56: Update Temporal Module
The roadrunner-temporal dependency has been updated to v5.5.2. Since this module often interacts with workflow logic, please verify that the updated version integrates seamlessly with your existing temporal workflows.

---

124-124: Update cpuid Library
The bump for github.com/klauspost/cpuid/v2 to v2.2.10 may bring performance improvements or bug fixes. Ensure that any CPU feature detection logic in your code base continues to operate correctly.

---

159-160: Update Priority Queue and TCP Listen Libraries
The upgrades for github.com/roadrunner-server/priority_queue to v1.0.3 and github.com/roadrunner-server/tcplisten to v1.5.2 should be reviewed for any potential API changes or side effects. These appear to be minor version bumps, but cross-checking with tests is advised.

---

202-203: Update Temporal API and SDK
The updates to go.temporal.io/api to v1.45.0 and go.temporal.io/sdk to v1.33.0 ensure your Temporal components are current. Validate these changes with your workflow tests to confirm that no integration issues have arisen.

---

206-206: Update Temporal Server Version
Bumping go.temporal.io/server to v1.27.1 should bring stability improvements. Ensure that backend job scheduling and workflow executions are fully tested against this new version.

---

212-212: Update Golang Crypto Package
Upgrading golang.org/x/crypto to v0.35.0 can provide enhanced security and performance improvements. Please verify that this update does not introduce any unforeseen side effects in your cryptographic operations.

---

216-216: Update OAuth2 Dependency
The version bump for golang.org/x/oauth2 to v0.27.0 is a routine update. Confirm that any authentication flows or OAuth integrations are still functioning as expected.

---

222-225: Update Google API and Genproto Dependencies
The updates to google.golang.org/api, google.golang.org/genproto, and its related packages (the Genproto packages for Google APIs and RPC) bring in the latest commits. Since these libraries are often upstream dependencies for API clients, please verify that any code consuming these packages correctly handles potential response or schema changes.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.